Network intrusion detection system using bacterial foraging optimization with random forest

Network intrusion detection systems (NIDS) are designed to identify distributed denial of service (DDoS) attacks on networks, which manifest as sudden and significant spikes in network traffic. These attacks aim to disrupt the availability of specific nodes or the entire system by either draining supply node resources or jamming their signals. With the proliferation of attacks facilitated by malicious actors leveraging data transfer through Internet of Things (IoT) devices, security vulnerabilities have become prevalent across many networks. To counter these challenges, a novel approach called bacterial foraging optimization with random forest (BFO-RF) optimization is proposed for the identification and classification of DDoS attacks. The input data undergoes preprocessing using an autoencoder within the network security laboratory-knowledge discovery in databases (NSL-KDD) dataset. Following preprocessing, recursive feature elimination (RFE) is employed to extract pertinent features. Subsequently, the suggested BFO-RF optimization approach divides the data, with a focus on low-rate attacks. Once the feature selection process is complete, attacks are classified using a random forest classifier (RFC). The performance of the proposed BFO-RF optimization approach is evaluated, yielding exceptional results: an accuracy of 99.96%, specificity of 99.27%, recall of 99.98%, and an F-measure of 99.62%. In comparison, the established spider monkey optimization with hierarchical particle swarm optimization (SMO-HPSO) algorithm achieved an accuracy of 99.17%, specificity of 99.01%, recall of 98.33%, and an F-measure of 98.87%. The effectiveness of the suggested BFO-RF optimization approach in identifying attacks surpasses that of the gradient boosting classifier (GBC). The outcome analysis provides clear evidence that the proposed BFO-RF optimization approach is notably more dependable than the existing SMO-HPSO algorithm.